You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Readme.md
+37-20Lines changed: 37 additions & 20 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,14 +1,13 @@
1
1
# Cryptomator-webdav
2
+
2
3
This repo contains a set of docker files to create a docker image to run the [Cryptomator cli](https://github.com/cryptomator/cli) within Docker.
3
4
The Cryptomator-cli application shares a local Cryptmator vault over an TLS protected webdav share.
4
5
5
6
:warning: The webdav server contained within the Cryptomator-cli application provides **no username or password** access controls. Take your own appropriate security precautions.
6
7
7
8
:warning: As of June 2023, Cryptomator states the cli application is still in an early stage and not ready for production use. We recommend using it only for testing and evaluation purposes.
8
9
9
-
<palign="center">
10
-
<imgsrc="images/cryptomator-finder-example.png"alt="Cryptomator Finder Example">
11
-
</p>
10
+

12
11
13
12
## Usage Instructions
14
13
@@ -23,17 +22,24 @@ cp sample.env .env
23
22
docker-compose up cryptomator-webdav
24
23
# The vault will be accessible on the docker host machine on the port specified in the .env file
25
24
```
26
-
By default the cryptomator vault will be available over webdav at `webdavs://127.0.0.1:18081/vault`, using a self-signed certificate, with no username or password on the webdav share.
25
+
26
+
By default the cryptomator vault will be available over webdav at the following url, using a self-signed certificate, with no username or password on the webdav share.
27
+
28
+
```bash
29
+
webdavs://127.0.0.1:18081/vault
30
+
```
27
31
28
32
If you wish to be able to access the vault over the the docker host's external IPs, update CRYPTOMATOR_HOST in `.env` to either 0.0.0.0 (all ips), or a specific docker host IP.
29
33
30
-
####File Permissions
34
+
### File Permissions
31
35
32
36
This docker image is setup to drop privileges to a userID and groupID specified in the Environment Variables. This is to aid running under appliance style OS's such as Unraid, where all containers are run as root by default. Dropping privileges within the container ensures Cryptomator only has access to the userID and groupID specified in the CRYPTOMATOR_UID and CRYPTOMATOR_GID environment variables.
33
37
34
-
**Ensure that your local Cryptomator vault files are read and writable by the user selected.**
38
+
**Ensure that your local Cryptomator vault files are read and writable by the userID selected.**
39
+
40
+
#### Permissions Update
35
41
36
-
##### Permissions Update
42
+
Run the following commands across your local cryptomator vault files to update them for the the default User and Group IDs.
37
43
38
44
```console
39
45
# Change all files to be owned by userID/groupID 1000
@@ -74,6 +80,7 @@ CRYPTOMATOR_UMASK=0077
74
80
```
75
81
76
82
### Using a signed cert
83
+
77
84
If you have a trusted certificate you with to use for the TLS layer, you can bind mount it over the top of the self signed cert within the image.
78
85
79
86
Add the following line under the Volumes entry within the docker-compose.yml file:
0 commit comments